Subj : New Defects reported by Coverity Scan for Synchronet To : cov-scan@synchro.net From : scan-admin@coverity.com Date : Sun Dec 15 2024 13:49:15 Hi, Please find the latest report on new defect(s) introduced to Synchronet found with Coverity Scan. 1 new defect(s) introduced to Synchronet found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 516068: Null pointer dereferences (FORWARD_NULL) /websrvr.c: 5419 in js_ErrorReporter() ________________________________________________________________________________________________________ *** CID 516068: Null pointer dereferences (FORWARD_NULL) /websrvr.c: 5419 in js_ErrorReporter() 5413 pthread_mutex_lock(&mutex); 5414 if(lastline == report->lineno && report->filename != NULL && strcmp(lastfile, report->filename) == 0) 5415 log_level = LOG_WARNING; 5416 else 5417 log_level = LOG_ERR; 5418 lastline = report->lineno; >>> CID 516068: Null pointer dereferences (FORWARD_NULL) >>> Passing null pointer "report->filename" to "strlcpy", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.] 5419 SAFECOPY(lastfile, report->filename); 5420 pthread_mutex_unlock(&mutex); 5421 warning=""; 5422 } 5423 5424 lprintf(log_level,"%04d !JavaScript %s%s%s: %s, Request: %s" ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu4gdQbQRNsarCbK0jIoVQSWT2zCPijRqaed4AhLiEI9Z7MR9SJQ09ot5XPbn9SW-2F14-3DwGMb_7FYjIqE8olEh4k02KWtt1r1LGSyuXVEtCuKuJCXgAQYoPlNm5BibC088PrWc35An4cdaeXCJhAHOfo6MdQKpuyixiVEFSUvV84YSqGOWCuXdzqHO6D3vFmsefEKTNsriv31FvxSemaYCwQ1e-2F5VqBGX6SKqkk-2F5GGTcyG8HHnvAZdIDYA7eRF8DYP-2F3cg26HCdIpmNxtLPnr6lFDWLJb2Q-3D-3D --- þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net .